Matthew IvoryPhD student, Associate Lecturer
I am currently working on the EPSRC-funded PhD research project titled, " The soft skills of software learning development: Psychological dimensions of computing and security behaviours".
The main objective of this project is to better understand how security within software is affected by the cognitive and social processes of the developers. In better understanding the psychology that underpins these processes, these can be expanded upon to understand the soft skills that are required to be a successful software developer.
A recent preprint from this project focused on the way that responsibility and risk are represented by software developers when talking about secure coding (Ivory et al., 2023). It was found that developers can use a variety of options to defer or displace responsibility resulting in an ability to reduce their role in the implementation of security.
Further research will examine the actions and behaviours of software developers when faced with insecure code in efforts to link their actions to personal cognition. In doing so, future interventions can focus on the individual and adapting the tools to benefit them as much as possible.
The project impact extends to both theory and practical implications. Theoretically, it allows for a better understanding of the psychology of software developers. It also provides a platform upon which further ideas and hypotheses can be tested that can be used to encourage better security behaviours in software developers. Practically, the research can be used to update and inform the computer science courses offered by universities to promote and encourage the development of soft skills, which in turn will benefit the software development industry.
Ivory, M., Sturdee, M., Towse, J. N., Levine, M., & Nuseibeh, B. (2023). Understanding Software Developer’s Security Perceptions: A Psychological Interpretation of Responsibility, Risk and Optimism. PsyArXiv. https://doi.org/10.31234/osf.io/pexvz
Professor John Towse
Professor Mark Levine
Dr Miriam Sturdee
Professor Bashar Nuseibeh
- Security Lancaster
- Security Lancaster (Software Security)